Formalizing and analyzing security ceremonies with heterogeneous devices in ANP and PDL

In today's security protocols (also called “security ceremonies” when humans play a key role), different nodes may have capabilities: computers can encrypt and decrypt messages, whereas cannot; biometric device capture information, random number generator used in e-banking so on. Furthermore, even if node has the decryption capability, it must also know encryption to message. Actor-network procedures (ANPs) are well-known formal model of heterogeneous by Meadows Pavlovic, their procedure derivation logic (PDL) supports logical reasoning about ANPs. However, ANPs do not support explicitly specifying capabilities, PDL does knowledge participants at points time. this paper, we extend deal with devices nodes' as well adding new types events. We modify take into account time, reason both from “bird's-eye” view system, “node's-eye” view. All allows us secrecy authentication protocols/ceremonies kinds human users. illustrate use our modeling notation ANP-C logics PDL-CK PDL-CKL specify scenarios involving devices, including: for updating someone's data smart card reader; an SSL/TLS ceremony user, smartphone fingerprint reader, remote computer/server; YubiKey companies such Google, Facebook, Bank America.